- http://isc.sans.org/...date=2004-07-26Updated July 26th 2004 19:30 UTC"...The latest version of MyDoom, which started arriving in peoples mail boxes in force today, uses search eninges to find more recipients for its message. Once the virus is started, it searched the users files for domain names. Once it spotted a domain name (e.g. '@example.com', or in 'www.example.com'), it will search various search engines for valid e-mail addresses within these domains. These search engines include Lycos, Google, Altavista, Yahoo and possibly others...Google and Lycos appear to have problems responding to queries as a result...Antivirus vendors are currently publishing updated signature files. Please update ASAP. Infected machines can be identified by looking for excessive traffic to search engines and smtp traffic. The virus is UPX packed..."

MyDoom-O hits search engines hard- http://isc.sans.org/...date=2004-07-26Updated July 27th 2004 01:25 UTC"OverviewThe latest version of MyDoom, which started arriving in peoples mail boxes in force today, uses search engines to find more recipients for its message. Once the virus is started, it searched the users files for domain names. Once it spotted a domain name (e.g. 'example.com'), it will search various search engines for valid e-mail addresses within these domains. These search engines include Lycos, Google, Altavista, Yahoo and possibly others. Some of the search engines, in particular Google and Lycos, had problems handling the large number of queries. As a result, the search engines did not return any result, or returned error messages. These MyDoom e-mails arrive in a number of different forms. Some claim to be a bounce caused by a message the user sent earlier, others claim to be a message from the users ISP claiming that the user sent spam and should run the attached file. The virus may be zipped or a plain executable...DetailsMyDoom creates the executable files C:\Windows\services.exe and java.exe, and executes them..."

>>> (More complete up-to-date details - please use the link!)

.The machine has no brain.
......... Use your own.
Browser check for updateshere.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

- http://isc.sans.org/...date=2004-07-26Updated July 27th 2004 15:11 UTC"...Symantec reports that the 'Zindos.A' backdoor dropped by MyDoom-O is used by a worm that will attempt to DDOS microsoft.com. Infected systems will start the DDOS right after the worm is installed and will scan for other vulnerable systems. Infected systems can easily be identified by looking for port 1034 TCP scans..." ( http://isc.sans.org/...s.php?port=1034 )